-rw-r--r-- | conf/filewriter_windows.go | 2 | ||||
-rw-r--r-- | conf/legacy_windows.go (renamed from conf/migration_windows.go) | 12 | ||||
-rw-r--r-- | conf/path_windows.go | 2 | ||||
-rw-r--r-- | conf/store.go | 19 | ||||
-rw-r--r-- | manager/ipc_server.go | 2 |
5 files changed, 15 insertions, 22 deletions
diff --git a/conf/filewriter_windows.go b/conf/filewriter_windows.go
index f42603b3..bb538265 100644
--- a/conf/filewriter_windows.go
+++ b/conf/filewriter_windows.go
@@ -25,7 +25,7 @@ func randomFileName() string {
 return hex.EncodeToString(randBytes[:]) + ".tmp"
 }
 
-func writeEncryptedFile(destination string, overwrite bool, contents []byte) error {
+func writeLockedDownFile(destination string, overwrite bool, contents []byte) error {
 var err error
 sa := &windows.SecurityAttributes{Length: uint32(unsafe.Sizeof(windows.SecurityAttributes{}))}
 sa.SecurityDescriptor = (*windows.SECURITY_DESCRIPTOR)(atomic.LoadPointer(&encryptedFileSd))
diff --git a/conf/migration_windows.go b/conf/legacy_windows.go
index 5f1086e8..ea8513cb 100644
--- a/conf/migration_windows.go
+++ b/conf/legacy_windows.go
@@ -18,7 +18,7 @@ import (
 "golang.org/x/sys/windows/svc/mgr"
 )
 
-func maybeMigrateConfiguration(c string) {
+func moveConfigsFromLegacyStore() {
 if disableAutoMigration {
 return
 }
@@ -50,13 +50,15 @@ func maybeMigrateConfiguration(c string) {
 if pendingDeletion[strings.ToLower(oldPath)] {
 continue
 }
- oldConfig, err := ioutil.ReadFile(oldPath)
+ config, err := LoadFromPath(oldPath)
 if err != nil {
 continue
 }
-
- newPath := filepath.Join(c, fileName)
- err = writeEncryptedFile(newPath, false, oldConfig)
+ newPath, err := config.Path()
+ if err != nil {
+ continue
+ }
+ err = config.Save(false)
 if err != nil {
 continue
 }
diff --git a/conf/path_windows.go b/conf/path_windows.go
index 7e147617..d1ce07cc 100644
--- a/conf/path_windows.go
+++ b/conf/path_windows.go
@@ -34,8 +34,8 @@ func tunnelConfigurationsDirectory() (string, error) {
 if err != nil && !os.IsExist(err) {
 return "", err
 }
- maybeMigrateConfiguration(c)
 cachedConfigFileDir = c
+ moveConfigsFromLegacyStore()
 return cachedConfigFileDir, nil
 }
 
diff --git a/conf/store.go b/conf/store.go
index 35f0ba7d..9a0f8c7d 100644
--- a/conf/store.go
+++ b/conf/store.go
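Review bot: In conf/legacy_windows.go, every failure in the rewritten loop body of moveConfigsFromLegacyStore (`LoadFromPath`, `config.Path()`, `config.Save(false)`) ends in a bare `continue`, so a legacy file that does not parse, or whose name `Save` rejects through `TunnelNameIsValid`, is skipped without a trace. The old code copied the bytes verbatim, so parsing and name validation are new ways for a migration to be dropped silently. Logging the path and error before each `continue`, for example `log.Printf("Unable to migrate %s: %v", oldPath, err)` if a logger is available in this file, would let an operator find configurations left behind in the legacy store. The loop and the later use of `newPath` lie outside the hunk.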
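Review bot: In conf/path_windows.go the new statement order in tunnelConfigurationsDirectory is load-bearing but undocumented. `moveConfigsFromLegacyStore()` no longer receives the directory, and the `config.Path()` / `config.Save(false)` calls it now makes presumably resolve the directory through this same function, so `cachedConfigFileDir = c` has to be assigned first. A comment above the assignment such as `// Set the cache before migrating; the migration resolves paths through this function.` would keep a later reorder from causing re-entry. The start of the function is outside the hunk, so the early return on a populated cache is inferred rather than visible.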
@@ -100,29 +100,20 @@ func MigrateUnencryptedConfigs(sharingBase int) (int, []error) {
 e++
 continue
 }
- configName := strings.TrimSuffix(name, configFileUnencryptedSuffix)
- config, err := FromWgQuickWithUnknownEncoding(string(bytes), configName)
+ config, err := FromWgQuickWithUnknownEncoding(string(bytes), strings.TrimSuffix(name, configFileUnencryptedSuffix))
 if err != nil {
 errs[e] = err
 e++
 continue
 }
-
- bytes, err = dpapi.Encrypt([]byte(config.ToWgQuick()), name)
- if err != nil {
- errs[e] = err
- e++
- continue
- }
- dstFile := configName + configFileSuffix
- err = writeEncryptedFile(dstFile, false, bytes)
+ err = config.Save(false)
 if err != nil {
 errs[e] = err
 e++
 continue
 }
 err = os.Remove(path)
- if err != nil && os.Remove(dstFile) == nil {
+ if err != nil {
 errs[e] = err
 e++
 continue
@@ -183,7 +174,7 @@ func NameFromPath(path string) (string, error) {
 return name, nil
 }
 
-func (config *Config) Save() error {
+func (config *Config) Save(overwrite bool) error {
 if !TunnelNameIsValid(config.Name) {
 return errors.New("Tunnel name is not valid")
 }
@@ -197,7 +188,7 @@ func (config *Config) Save() error {
 if err != nil {
 return err
 }
- return writeEncryptedFile(filename, true, bytes)
+ return writeLockedDownFile(filename, overwrite, bytes)
 }
 
 func (config *Config) Path() (string, error) {
diff --git a/manager/ipc_server.go b/manager/ipc_server.go
index bbd3891c..824980d6 100644
--- a/manager/ipc_server.go
+++ b/manager/ipc_server.go
@@ -217,7 +217,7 @@ func (s *ManagerService) Create(tunnelConfig *conf.Config) (*Tunnel, error) {
 if s.elevatedToken == 0 {
 return nil, windows.ERROR_ACCESS_DENIED
 }
- err := tunnelConfig.Save()
+ err := tunnelConfig.Save(true)
 if err != nil {
 return nil, err
 } |
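Review bot: In MigrateUnencryptedConfigs, a failed `os.Remove(path)` now leaves the unencrypted source on disk beside the copy written by `config.Save(false)`, because the cleanup of the destination on that path was dropped. If `overwrite == false` makes the write fail when the destination already exists (the body of writeLockedDownFile is not in this diff), a later run stops at `Save` for that file and never reaches the removal again, so the plaintext file stays until it is deleted by hand. Either handle the already-exists case before giving up on the removal, or state the outcome next to the check: `// On failure the unencrypted file remains on disk; callers must surface errs.` The function starts and ends outside the hunk.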
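Review bot: The exported `Save` in conf/store.go gains a boolean parameter but still has no doc comment, so call sites now read `Save(false)` and `Save(true)` with nothing explaining the flag. A comment on the method would cover it, for example `// Save validates the tunnel name and writes the configuration to the store. If overwrite is false, an existing file for this tunnel is not replaced.`; the second sentence should be checked against writeLockedDownFile, whose body is not shown here. The method body is split across the @@ -183 and @@ -197 hunks and its middle is outside both.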
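Review bot: In manager/ipc_server.go, `Create` passes `true`, so a request whose tunnel name matches a stored one appears to replace that configuration instead of failing. This keeps the previously hard-coded behaviour, but now that the choice is explicit it deserves a line saying it is intended, e.g. `// Overwrites any stored configuration with the same name.` If edits go through a different path, `Save(false)` here would turn a name collision into an error; whether that is safe depends on callers outside this diff. The function continues past the end of the hunk.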